About - On Data Privacy

Steps Towards GDPR Readiness

On Data Privacy is designed to get you thinking and talking about your journey towards readiness for the GDPR.

Practical Not Technical

This is a non-technical approach.  I am neither a lawyer nor an IT expert.  You will probably need opinions from both of these to complete your compliance efforts.  However GDPR readiness is about so much more than your IT infrastructure and your legal agreements.  This is about data privacy and protection designed to meet the needs or your business and your data subjects.

You will also need an appreciation and understanding of what GDPR is all about and what “compliance” really means.  You will need to embrace it to the heart of your business.  Somebody else will decide if you are compliant or not.  The best you can hope to achieve is to be ready.  Readiness is a behaviour and an attitude that runs throughout your business.

I decided to start this website after becoming a GDPR Practitioner.  I am on the readiness and maintenance journey too with no less than three businesses, one of which is based in the

USA.  So as I glean new nuggets of practical experience and insight I’ll share them here.  I hold the International Association Of Privacy Professionals (IAPP) CIPP/E certification as a Certified Information Privacy Professional and CIPM as a Certified Information Privacy Manager. I should point out that the views I express are my own and not those of IAPP.

The main reason for setting up the website is because the resources available about GDPR are pretty poor.  Press articles on the subject are ridden with inaccuracies and often have particular agendas behind them.  None of which are focused on helping you to use GDPR to improve your business.

There is first class information available from the ICO in terms of what you should be doing, but precious little about the “how”.  I know from my own experience as a business owner that understanding what needs to be done is very easy.  Knowing how to do it takes experience, patience and skill.  It is difficult – and taking the team with you is essential.

So books and websites that lob page after page of very dry, factually correct information about what can be an even drier subject are all very well.  Somebody, somewhere needs to provide information and insight in an accessible, “layman” format.  On a long train journey one wet Thursday night, as I read through the Articles and Recitals of the General Data Protection Regulations, I decided that somebody should be me.


About This Website

This website is operated by On Data Privacy Ltd. a company registered in Scotland No. SC487611, on behalf of AllStrat Ltd (t/a GDPR for Hotels) a company registered in Scotland No. 231893.  On Data Privacy Ltd is a subsidiary company of Allstrat Ltd.

The website and associated services uses systems and content developed and maintained by Allstrat Ltd and licensed to On Data Privacy Ltd for use on this website.

Director:  Allan Simpson CIPP/E  CIPM

Contact email:   as@ondataprivacy.com

Contact address: 22 Montrose Street, Glasgow, G1 1RE

Contact Telephone:  0141 370 6224